Subscribe via feed.
Posts under XSS

Apple Security Advisory 2012-11-29-1

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Apple Security Advisory 2012-11-29-1 – Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.

Tags: , ,

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

This Metasploit module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3.

Tags: , , ,

[webapps] – Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities

Posted by deepcore under exploit, m$, Security, XSS (No Respond)

Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities

Tags: , ,

Apple WGT Dictionnaire 1.3 Script Code Injection

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Apple WGT Dictionnaire version 1.3 suffers from a script code injection vulnerability.

Tags: , , ,

Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

This Metasploit module exploits a vulnerability found in Apple QuickTime.

Tags: , ,

Twitter 5.0 Eavesdropping Proof Of Concept

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.

Tags: , ,

[webapps] – PHP Server Monitor Stored XSS

Posted by deepcore under exploit, m$, Security, XSS (No Respond)

PHP Server Monitor Stored XSS

Tags: , , ,

Apple QuickTime 7.7.2 Buffer Overflow

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.

Tags: , , , ,

Zero Day Initiative Advisory 12-185

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-185 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability.

Tags: , , , ,

[papers] – Guidelines for Pentesting a Joomla Based Site

Posted by deepcore under exploit, facebook, m$, Security, tools, twitter, XSS (No Respond)

Guidelines for Pentesting a Joomla Based Site

Tags: , , , ,